Summary
Affected Services
S3
Remediation
Update SDK
Tracked CVEs
CVE-2020-8912, CVE-2020-8911
References
https://twitter.com/SchmiegSophie/status/1292930639772004352https://github.com/google/security-research/security/advisories/GHSA-76wf-9vgp-pj7whttps://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9https://github.com/google/security-research/security/advisories/GHSA-7f33-f4f5-xwgwhttps://aws.amazon.com/blogs/developer/updates-to-the-amazon-s3-encryption-client/
Contributed by https://github.com/0xdabbad00
Entry Status
Finalized
Disclosure Date
Wed, Jul 1st, 2020
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Sophie Schmieg, Google
